Isn't this basically the remote wipe that's built into iOS/Android (or maybe I'm just thinking Cyanogenmod version) already? Plus a way to prevent re-activation? Why not just have a shared list via 3rd party or FCC or something which has a list of stolen IMEI numbers, and prevent access to those devices on their networks? Seems really stupid not to have done that already a long time ago.

So... is this going to involve wacky encrypted bootloader funtime (more so than usual, that is), because 3rd party ROMs, jailbreaking, carrier unlocking, and the like would all conceivably be things of use when trying to defeat the anti-theft bricking?

If so, somebody please stop the ride, I'll deal with the possibility of a stolen phone, thanks.

I don't get the fuss on this. First, both Apple and Google have implemented systems to accomplish remote wipe/lock/locate of stolen or misplaced phones a long time ago. Second, there are also plenty of 3rd party apps that do this reliably, using things like text messages from white listed numbers for example.

I don't get the fuss on this. First, both Apple and Google have implemented systems to accomplish remote wipe/lock/locate of stolen or misplaced phones a long time ago. Second, there are also plenty of 3rd party apps that do this reliably, using things like text messages from white listed numbers for example.

So where's the problem again?

Easy political target. And also ignores the problems that can come up later... Should we make a betting pool on potential abuses and how long until they're reality?

I'm no expert, but I can easily see someone reporting someone else's phone stolen, the kill switch getting hacked, mod chips being made to kill the kill switch or restore functionality, etc. The senator is either naive about the technological cat and mouse game, or is just making noise for their future re-election campaign. Possibly both.

So, eradicate smartphone theft. Smart move. Of course it does exactly nothing to address the socio-economic factors that drive people to steal in the first place.

It may be a little beyond the scope of phone manufacturers and telecom providers to change the fundamental nature of Humanity and how all societies on the planet work.

Still, they could put it in as a stretch goal.

The legislation mandates that manufacturers put in kill switches. Which means that the legislation again tries to doctor symptoms instead of causes. So what will happen if smartphones no longer are attractive for petty theft? Petty thieves won't disappear, they'll just target other objects of higher desirability.

This is the same feature added to iOS 7, correct? Or will this add even more security features?

lol, the first two features have been a part of iOS for years now, I think they were there in iOS 4 in fact.

You are right that the features to remote wipe, as well as not allow a thief to use the phone has existed in a while. However, those did not deter thieves who wanted to steal your phones to resell, but rather, were geared to protect your data's privacy, since the thief could use the phone by doing a clean wipe.

The 3rd feature, which prevents the device from ever being usable to someone who is not the original owner (or who has enough access to the original owner's personal information) from using it again. This is a true anti-theft feature, and only exists in iOS7 amongst smartphones, AFAIK.

So, eradicate smartphone theft. Smart move. Of course it does exactly nothing to address the socio-economic factors that drive people to steal in the first place.

It may be a little beyond the scope of phone manufacturers and telecom providers to change the fundamental nature of Humanity and how all societies on the planet work.

Still, they could put it in as a stretch goal.

The legislation mandates that manufacturers put in kill switches. Which means that the legislation again tries to doctor symptoms instead of causes. So what will happen if smartphones no longer are attractive for petty theft? Petty thieves won't disappear, they'll just target other objects of higher desirability.

Higher desirability, but far far lower accessibility.

Smartphones are the most valuable things the vast majority of people carry outside their home.

Still the naievete of putting your personal phone numbers and contacts and photos you've made out to the "cloud" in the name of security and ease of recovery.

I notice there is literally no app personal linking to the phone making it useless outside of n-feet of the owner. Something that would completely obviate phone theft. If you're going to walk around angel nude on the cloud with everything you know and do just "out there" for everyone to see, then device neutrality is a more obvious solution.

As to the high theft rate concerns, insurance companies are the driving force. The insurance industry has always had deep influence on law enforcement and law making priorities. If the insurance industry isn't paying out on these thefts, no one cares how they affect the schmoe who got robbed.

And the 911 emergency override, thats a clever trick. I've spoken to thieves and they love it. You keep the phone powered off. When you want to make a call, you power on, let it link, call 911 and the phone automatically gives you 1 minute or more to talk. If you hang up on 911, you still have the minute and can dial and talk to whomever you like. Pretty useful when you didn't pay for anything and oh, btw, can power it off again for next time.

A much better solution. Thieves are like every one else, they go shopping, they enter large publicily attended areas. Use that. Put in an RFID chip on every phone with the hardware MAC ID embedded. Require every phone sales kiosk of any brand (you know they're everywhere) to have an RFID reader for the phones that sends the MAC/RFID to a centrally PHONE COMPANY funded reported stolen phone database (using your insurance dollars). Either have the kiosks notify local police of stolen phones in the area (low probability of usefulness) or the kiosk overrides and powers the phone speaker on and it starts blaring "Stolen Phone" "Stolen Phone" for 3 minutes with no way to turn it off. This continues as long as the person with the phone is in the vicinity or reenters the kiosk influence area. If the same capability is added near theaters, shopping malls, banks, etc., stolen phones become a very bad thing to have around. All that without even giving the police a device so the stolen phone carrier can claim "rights" if they were to put it in patrol cars and cruise the streets.

This is the same feature added to iOS 7, correct? Or will this add even more security features?

lol, the first two features have been a part of iOS for years now, I think they were there in iOS 4 in fact.

You are right that the features to remote wipe, as well as not allow a thief to use the phone has existed in a while. However, those did not deter thieves who wanted to steal your phones to resell, but rather, were geared to protect your data's privacy, since the thief could use the phone by doing a clean wipe.

The 3rd feature, which prevents the device from ever being usable to someone who is not the original owner (or who has enough access to the original owner's personal information) from using it again. This is a true anti-theft feature, and only exists in iOS7 amongst smartphones, AFAIK.

This is correct. The remote wipe feature does exactly NOTHING to prevent most theft, since the thief couldn't care less about your personal information. He just wants the phone itself, so he can resell it.

I've personally had like 2-3 iPhones stolen, two of them from my apartment while I was home (it's a kinda fucked up neighborhood), so anything that makes my phone unusable to the miserable son of a bitch who nicked it, is great in my mind.

Insurance companies should be happy with this initiative. I can't IMAGINE how much money they are paying out each year for stolen phones. I don't think I know anyone who hasn't had at least one smartphone stolen.

Isn't this basically the remote wipe that's built into iOS/Android (or maybe I'm just thinking Cyanogenmod version) already? Plus a way to prevent re-activation? Why not just have a shared list via 3rd party or FCC or something which has a list of stolen IMEI numbers, and prevent access to those devices on their networks? Seems really stupid not to have done that already a long time ago.

This is what happens everywhere else. However IMEI numbers can be changed. This is still a problem.

Wow, Leno is really a self-important jerk. What's proposed is very reasonable, functional and adequate without imposing draconian measures that would be screwed-up by users with limited technical skills. This technology has to work globally, not just for affluent residents of San Francisco who get their undies in a wad when they forget their smartphones at Starbucks.

It's a bloody phone. They will get lost. They will get misplaced. They will get stolen. Happens.

A real kill switch would short the battery and burn the electronics when the user remotely triggers it or the thief tries to use the phone. Anything else is just marketing.

Dude, you're a real genius. So what happens when you killswitch a modern smartphone with a high-capacity lithium battery (youtube what happens when you short one of these puppies) and the ex-phone-now-incendiary-device sets fire to the thief's home, killing his/her kids as they sleep?

... today’s ‘opt-in’ proposal misses the mark if the ultimate goal is to combat street crime and violent thefts involving smartphones and tablets. For stolen phones to have no resale value ...

Taking away the resale value of the stolen phones is only the first step to solving the problem; the more important step would need to come in the form of new law enforcement initiatives, with regards to recovery of the stolen merchandise, and prosecution of the thieves. The cellular companies and the manufacturers are entirely powerless in that part of the battle.

We've all read about those situations where a person goes to the police with the live GPS location of his stolen phone displayed on another device, and the police indicate that they can't use that data, due to some sort of red tape issue, or the like. Leno needs to re-prioritize his efforts on eliminating that red tape, and on encouraging law enforcement to actually apprehend these criminals at every opportunity. That's how you deter cell phone theft... make sure that would-be thieves know that they'll do time if they do the crime!

But to paraphrase: Inexplicably, the government refuses to take this approach...

So, eradicate smartphone theft. Smart move. Of course it does exactly nothing to address the socio-economic factors that drive people to steal in the first place.

It may be a little beyond the scope of phone manufacturers and telecom providers to change the fundamental nature of Humanity and how all societies on the planet work.

Still, they could put it in as a stretch goal.

I'd love to see HR SMARTify that and put it in some VP's goals.

Quote:

"Here you go, Jensen. Reduce external failure costs by 15% in 2014. Oh, and also, realize a 1.5% change in the fundamental nature of humanity by the third quarter. Revamp societal function on a post-national basis to realize a 20% increase in general happiness by the end of the year. Make those goals, or kiss your 10% bonus good bye."

So, eradicate smartphone theft. Smart move. Of course it does exactly nothing to address the socio-economic factors that drive people to steal in the first place.

It may be a little beyond the scope of phone manufacturers and telecom providers to change the fundamental nature of Humanity and how all societies on the planet work.

Still, they could put it in as a stretch goal.

The legislation mandates that manufacturers put in kill switches. Which means that the legislation again tries to doctor symptoms instead of causes. So what will happen if smartphones no longer are attractive for petty theft? Petty thieves won't disappear, they'll just target other objects of higher desirability.

A real kill switch would short the battery and burn the electronics when the user remotely triggers it or the thief tries to use the phone. Anything else is just marketing.

Dude, you're a real genius. So what happens when you killswitch a modern smartphone with a high-capacity lithium battery (youtube what happens when you short one of these puppies) and the ex-phone-now-incendiary-device sets fire to the thief's home, killing his/her kids as they sleep?

If only there was some sort of list that the network could check every time that a phone tried to attach to the network... and phones with an idtentity number burned in, so whenever a phone was reported lost, stolen, or claimed on insurance this identity number could be added to the list, so that when a phone that was on this list tried to attach it could be denied, rendering the phone a glorified paperweight...

Why didn't they build that into the standard?

Oh they did? US networks just never bothered using it? Oh, my mistake.

Isn't this basically the remote wipe that's built into iOS/Android (or maybe I'm just thinking Cyanogenmod version) already? Plus a way to prevent re-activation? Why not just have a shared list via 3rd party or FCC or something which has a list of stolen IMEI numbers, and prevent access to those devices on their networks? Seems really stupid not to have done that already a long time ago.

They did. Its used pretty much everywhere else. All conveniently in the GSM standard.

But since the big bad government didnt make em use it, they never bothered.

If only there was some sort of list that the network could check every time that a phone tried to attach to the network... and phones with an idtentity number burned in, so whenever a phone was reported lost, stolen, or claimed on insurance this identity number could be added to the list, so that when a phone that was on this list tried to attach it could be denied, rendering the phone a glorified paperweight...

Why didn't they build that into the standard?

Oh they did? US networks just never bothered using it? Oh, my mistake.

Even then, your stolen phone can fetch a pretty penny in China or India.

Why can't the carriers refuse to work with known stolen devices? Why isn't that part of the effort here?

Don't the carriers block stolen phones based on IMEI? In the UK once the the handset is flagged as stolen it can be blocked from UK carriers, regardless of SIM swaps.

(Usual caveats apply about how well this works in practice, of course)

The trouble is it doesn't work in practice at all. You just ship the phone to another country, and sell it there for the same price you could get locally. IMEI registers never cross international borders as far as I know.

With hundreds of phones stolen every minute just in the USA, imagine what the numbers are in india. An international stolen IMEI database would be *huge* — and also expensive.

Why can't the carriers refuse to work with known stolen devices? Why isn't that part of the effort here?

Don't the carriers block stolen phones based on IMEI? In the UK once the the handset is flagged as stolen it can be blocked from UK carriers, regardless of SIM swaps.

(Usual caveats apply about how well this works in practice, of course)

The trouble is it doesn't work in practice at all. You just ship the phone to another country, and sell it there for the same price you could get locally. IMEI registers never cross international borders as far as I know.

How many phone thieves are capable of shipping phones across borders? IMEI blocking isn't supposed to be perfect, but a practical deterrent.

The weakness I've observed is not that the thief will circumvent the block, but that the victim won't know the IMEI, or know that it could be blocked.